Are the Real Limits to Scale a Matter of Science, or Engineering, or of Something Else? (Abstract only)

Ross J. Anderson
{"title":"Are the Real Limits to Scale a Matter of Science, or Engineering, or of Something Else? (Abstract only)","authors":"Ross J. Anderson","doi":"10.1109/CSF.2016.41","DOIUrl":null,"url":null,"abstract":"Summary form only given. As people get excited about the latest idea for \"Big Data\" and the \"Internet of Things\", computer people often shake our heads and say \"It won't scale.\" Pessimism isn't always justified: we have been able to scale up quite a number of tasks, from connectivity through search to social media. But other applications are recalcitrant, from energy management to medical records. The conventional computer-science view is that scaling systems is about computational complexity; about whether the storage or communications required for a task grows more than linearly in the number of users. Over the past thirty years we've developed a pretty good theory of that, but we're learning that it's nowhere near enough. In this talk I present a complementary view, based on over thirty years' experience of security engineering, that the real limits to scale are usually elsewhere. Even where the data are manageable and the algorithms straightforward, things can fail because of the scaling properties of the social context, the economic model or the regulatory environment. This makes some automation projects much harder than they seem. When it comes to safety and privacy many of the attacks that are easy to do in the lab are rare in the wild, as they don't scale either. But others surprise us; no-one in the intelligence community anticipated a leak on the Snowden scale. In short, scaling is now a problem not of computer science but of systems engineering, economics, governance and much else. Conceiving problems too narrowly makes failure likely, while good engineering will require ever more awareness of context. The implications for research, education and policy bear some thought.","PeriodicalId":6500,"journal":{"name":"2016 IEEE 29th Computer Security Foundations Symposium (CSF)","volume":"144 1","pages":"16-16"},"PeriodicalIF":0.0000,"publicationDate":"2016-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE 29th Computer Security Foundations Symposium (CSF)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSF.2016.41","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Summary form only given. As people get excited about the latest idea for "Big Data" and the "Internet of Things", computer people often shake our heads and say "It won't scale." Pessimism isn't always justified: we have been able to scale up quite a number of tasks, from connectivity through search to social media. But other applications are recalcitrant, from energy management to medical records. The conventional computer-science view is that scaling systems is about computational complexity; about whether the storage or communications required for a task grows more than linearly in the number of users. Over the past thirty years we've developed a pretty good theory of that, but we're learning that it's nowhere near enough. In this talk I present a complementary view, based on over thirty years' experience of security engineering, that the real limits to scale are usually elsewhere. Even where the data are manageable and the algorithms straightforward, things can fail because of the scaling properties of the social context, the economic model or the regulatory environment. This makes some automation projects much harder than they seem. When it comes to safety and privacy many of the attacks that are easy to do in the lab are rare in the wild, as they don't scale either. But others surprise us; no-one in the intelligence community anticipated a leak on the Snowden scale. In short, scaling is now a problem not of computer science but of systems engineering, economics, governance and much else. Conceiving problems too narrowly makes failure likely, while good engineering will require ever more awareness of context. The implications for research, education and policy bear some thought.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
尺度的真正极限是科学问题、工程问题还是其他问题?(抽象)
只提供摘要形式。当人们对“大数据”和“物联网”的最新想法感到兴奋时,搞计算机的人经常摇头说:“它不会规模化。”悲观并不总是有道理的:我们已经能够扩大相当多的任务,从连接到搜索到社交媒体。但从能源管理到医疗记录等其他应用程序则难以驾驭。传统的计算机科学观点认为,缩放系统与计算复杂性有关;关于任务所需的存储或通信是否在用户数量中增长超过线性。在过去的三十年里,我们已经发展了一个相当好的理论,但我们发现这还远远不够。在这次演讲中,我提出了一个基于三十多年安全工程经验的补充观点,即规模的真正限制通常在其他地方。即使数据是可管理的,算法是直接的,事情也可能因为社会背景、经济模型或监管环境的规模属性而失败。这使得一些自动化项目比看起来要困难得多。当涉及到安全和隐私时,许多在实验室中很容易做到的攻击在野外很少见,因为它们也无法扩展。但也有一些令我们惊讶;情报界没有人预料到斯诺登泄密的规模。简而言之,规模化如今已不再是计算机科学的问题,而是系统工程、经济学、治理等诸多领域的问题。过于狭隘地考虑问题可能会导致失败,而好的工程设计则需要对环境有更多的认识。这对研究、教育和政策的影响值得思考。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Axioms for Information Leakage Multi-run Side-Channel Analysis Using Symbolic Execution and Max-SMT sElect: A Lightweight Verifiable Remote Voting System Automated Reasoning for Equivalences in the Applied Pi Calculus with Barriers On Modular and Fully-Abstract Compilation
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1